lengpucheng 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8b65fc75c4 
							
						 
					 
					
						
						
							
							fixed #5763,fixed  #5760  : Add utils.securopen func to fix not syscall.O_NOFOLLOW on Windows ( #5764 )  
						
						
						
						
					 
					
						2025-04-04 23:24:26 +08:00 
						 
				 
			
				
					
						
							
							
								llchry 
							
						 
					 
					
						
						
						
						
							
						
						
							5fa33bc11b 
							
						 
					 
					
						
						
							
							Update db_oracle.go  
						
						... 
						
						
						
						fix dbbase.GetColumns  expected 3 destination arguments but only query one in oracle 
						
						
					 
					
						2025-03-26 15:42:05 +08:00 
						 
				 
			
				
					
						
							
							
								Ville Vesilehto 
							
						 
					 
					
						
						
						
						
							
						
						
							939bb18c66 
							
						 
					 
					
						
						
							
							fix: add proper HTML escaping in renderFormField  
						
						... 
						
						
						
						Enhances template safety by escaping user-provided values before inserting
them into HTML output. Improves the function by consistently using escaped
variables throughout the implementation.
- Adds template.HTMLEscapeString for all dynamic values
- Updates variable naming for consistency (escapedName, idAttr, etc.)
- Adds tests to verify proper character escaping works as expected
Signed-off-by: Ville Vesilehto <ville@vesilehto.fi> 
						
						
					 
					
						2025-03-26 15:38:28 +08:00 
						 
				 
			
				
					
						
							
							
								chengjingtao 
							
						 
					 
					
						
						
						
						
							
						
						
							1f40a88b0c 
							
						 
					 
					
						
						
							
							Fix CVE-2021-27116 CVE-2021-27117  
						
						... 
						
						
						
						1. Adding O_NOFOLLOW flag to prevent symlink attacks
These changes help protect against various security issues including:
- Symlink attacks where attackers could trick the application into modifying unintended files
- Privilege escalation through improper file permissions
Signed-off-by: chengjingtao <jtcheng0616@gmail.com> 
						
						
					 
					
						2025-03-15 21:52:43 +08:00 
						 
				 
			
				
					
						
							
							
								cangqiaoyuzhuo 
							
						 
					 
					
						
						
						
						
							
						
						
							5e9c913b47 
							
						 
					 
					
						
						
							
							fix: fix incorrect nil return value  
						
						... 
						
						
						
						Signed-off-by: cangqiaoyuzhuo <850072022@qq.com> 
						
						
					 
					
						2025-02-28 23:22:18 +08:00 
						 
				 
			
				
					
						
							
							
								zhuhaicity 
							
						 
					 
					
						
						
						
						
							
						
						
							5da7cabb59 
							
						 
					 
					
						
						
							
							chore: fix some function names in comment  
						
						... 
						
						
						
						Signed-off-by: zhuhaicity <zhuhai@52it.net> 
						
						
					 
					
						2025-01-12 15:08:34 +08:00 
						 
				 
			
				
					
						
							
							
								Ming Deng 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a21efb5613 
							
						 
					 
					
						
						
							
							fix issue 5732 ( #5735 )  
						
						
						
						
					 
					
						2025-01-01 10:25:23 +08:00 
						 
				 
			
				
					
						
							
							
								Stone 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e7fa4835f7 
							
						 
					 
					
						
						
							
							modify: file cache writer md5 to sha256 ( #5727 )  
						
						... 
						
						
						
						* modify: file cache writer md5 to sha256
* modify: file cache writer md5 to sha256
* modify: file cache writer md5 to sha256 
						
						
					 
					
						2024-12-08 22:30:41 +08:00 
						 
				 
			
				
					
						
							
							
								Deng Ming 
							
						 
					 
					
						
						
						
						
							
						
						
							bb72dc27ac 
							
						 
					 
					
						
						
							
							fix 5720: the formValue should read the first value  
						
						
						
						
					 
					
						2024-11-20 22:03:38 +08:00 
						 
				 
			
				
					
						
							
							
								lengpucheng 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b510342640 
							
						 
					 
					
						
						
							
							Delete server/web/session/ledis/http:/host:port directory ( #5717 )  
						
						... 
						
						
						
						remove server/web/session/ledis/http:/host:port directory because is not legal on Windows 
						
						
					 
					
						2024-11-18 18:38:46 +08:00 
						 
				 
			
				
					
						
							
							
								Nandavardhan8 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b602bdafcd 
							
						 
					 
					
						
						
							
							fix for the CVE-2022-31836 4ca2780dbf19d137746041886525fdebe594e50a ( #5707 )  
						
						... 
						
						
						
						Co-authored-by: Ming Deng <mingflycash@gmail.com> 
						
						
					 
					
						2024-10-31 20:44:58 +08:00 
						 
				 
			
				
					
						
							
							
								binlihpu 
							
						 
					 
					
						
						
						
						
							
						
						
							d5830a0fc2 
							
						 
					 
					
						
						
							
							Update log.go  
						
						... 
						
						
						
						fix comment 
						
						
					 
					
						2024-10-06 14:45:59 +08:00 
						 
				 
			
				
					
						
							
							
								luxcgo 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							0654bff7d5 
							
						 
					 
					
						
						
							
							use sync.Once to replace lock ( #5710 )  
						
						... 
						
						
						
						* use atomic operation to optimize performance
* use sync.Once to replace lock 
						
						
					 
					
						2024-10-05 22:43:21 +08:00 
						 
				 
			
				
					
						
							
							
								Fahad Khan 
							
						 
					 
					
						
						
						
						
							
						
						
							cbfbf97af1 
							
						 
					 
					
						
						
							
							added BootStrap call in case where default db name is not used  
						
						
						
						
					 
					
						2024-09-21 16:44:12 +08:00 
						 
				 
			
				
					
						
							
							
								Deng Ming 
							
						 
					 
					
						
						
						
						
							
						
						
							0f78ddc53a 
							
						 
					 
					
						
						
							
							Add validation CustomFunction example  
						
						
						
						
					 
					
						2024-09-02 14:14:33 +08:00 
						 
				 
			
				
					
						
							
							
								HaoYu Zhang 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d82475935d 
							
						 
					 
					
						
						
							
							add Enum string to validators ( #5697 )  
						
						... 
						
						
						
						* feature: add Enum string to validators
* feature: add information for Enum errors 
						
						
					 
					
						2024-08-22 21:32:16 +08:00 
						 
				 
			
				
					
						
							
							
								Fahad 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							8ee564a34c 
							
						 
					 
					
						
						
							
							Added support for select with options tag for templatefun.RenderForm ( #5691 )  
						
						... 
						
						
						
						* Added support for `select` with `options` tag for templatefun.RenderForm
* removing unwanted spaces
* added test for select in RenderForm 
						
						
					 
					
						2024-08-17 15:45:24 +08:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
						
						
							
						
						
							665cf3504f 
							
						 
					 
					
						
						
							
							build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2  
						
						... 
						
						
						
						Bumps google.golang.org/protobuf from 1.34.1 to 1.34.2.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com> 
						
						
					 
					
						2024-08-07 12:10:19 +08:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
						
						
							
						
						
							3cb34a8dd1 
							
						 
					 
					
						
						
							
							build(deps): bump golang.org/x/crypto from 0.23.0 to 0.24.0  
						
						... 
						
						
						
						Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.23.0 to 0.24.0.
- [Commits](https://github.com/golang/crypto/compare/v0.23.0...v0.24.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com> 
						
						
					 
					
						2024-08-02 15:05:11 +08:00 
						 
				 
			
				
					
						
							
							
								Alan Xu 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d269d74cd2 
							
						 
					 
					
						
						
							
							docs(session): fix session doc ( #5687 )  
						
						
						
						
					 
					
						2024-08-02 12:43:36 +08:00 
						 
				 
			
				
					
						
							
							
								Alan Xu 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							06d869664a 
							
						 
					 
					
						
						
							
							session: Support SessionReleaseIfPresent to avoid concurrent problem ( #5685 )  
						
						
						
						
					 
					
						2024-07-31 21:44:47 +08:00 
						 
				 
			
				
					
						
							
							
								Alan Xu 
							
						 
					 
					
						
						
						
						
							
						
						
							bdb7e7a904 
							
						 
					 
					
						
						
							
							docs(log_store.go): fix typo  
						
						... 
						
						
						
						fix typo 
						
						
					 
					
						2024-07-29 15:55:33 +08:00 
						 
				 
			
				
					
						
							
							
								tsinghuacoder 
							
						 
					 
					
						
						
						
						
							
						
						
							edc0260560 
							
						 
					 
					
						
						
							
							chore: fix comment  
						
						... 
						
						
						
						Signed-off-by: tsinghuacoder <tsinghuacoder@icloud.com> 
						
						
					 
					
						2024-07-24 17:06:24 +08:00 
						 
				 
			
				
					
						
							
							
								LumenShip 
							
						 
					 
					
						
						
						
						
							
						
						
							bb43fb19d9 
							
						 
					 
					
						
						
							
							Update orm_log.go  
						
						... 
						
						
						
						Refactor debugLogQueries function in orm_log.go
The debugLogQueries function in orm_log.go was modified to fix typos, streamline the formatting of log entries, and include additional data. Key changes include the addition of new entries to logMap, including "alias_name", "operation", "query", "cons", and "err". DebugLog also replaces logs.DebugLog to output the log entry. 
						
						
					 
					
						2024-07-06 16:56:52 +08:00 
						 
				 
			
				
					
						
							
							
								Ming Deng 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							84dcf68cb1 
							
						 
					 
					
						
						
							
							Merge pull request  #5675  from flycash/master  
						
						... 
						
						
						
						feat(validation): add Label to error struct 
						
						
					 
					
						2024-07-01 19:38:47 +08:00 
						 
				 
			
				
					
						
							
							
								Deng Ming 
							
						 
					 
					
						
						
						
						
							
						
						
							dc77027b80 
							
						 
					 
					
						
						
							
							using tsl0922/ssdb as test image  
						
						
						
						
					 
					
						2024-07-01 19:37:42 +08:00 
						 
				 
			
				
					
						
							
							
								hamidreza abedi 
							
						 
					 
					
						
						
						
						
							
						
						
							fac100ff37 
							
						 
					 
					
						
						
							
							feat(validation): add Label to error struct  
						
						
						
						
					 
					
						2024-07-01 19:37:22 +08:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
						
						
							
						
						
							05f624fe09 
							
						 
					 
					
						
						
							
							build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.1  
						
						... 
						
						
						
						Bumps google.golang.org/protobuf from 1.33.0 to 1.34.1.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com> 
						
						
					 
					
						2024-05-26 14:25:36 +08:00 
						 
				 
			
				
					
						
							
							
								Rafiudeen Chozhan Kumarasamy 
							
						 
					 
					
						
						
						
						
							
						
						
							92ea020d06 
							
						 
					 
					
						
						
							
							Update README.md  
						
						... 
						
						
						
						Added *go mod tidy* before *go build*. 
						
						
					 
					
						2024-05-26 14:17:38 +08:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
						
						
							
						
						
							7ef0553990 
							
						 
					 
					
						
						
							
							build(deps): bump golang.org/x/crypto from 0.22.0 to 0.23.0  
						
						... 
						
						
						
						Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/golang/crypto/compare/v0.22.0...v0.23.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com> 
						
						
					 
					
						2024-05-15 22:10:56 +08:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
						
						
							
						
						
							095dbf734d 
							
						 
					 
					
						
						
							
							build(deps): bump golang.org/x/net from 0.21.0 to 0.23.0  
						
						... 
						
						
						
						Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.21.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.21.0...v0.23.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com> 
						
						
					 
					
						2024-05-07 11:25:11 +08:00 
						 
				 
			
				
					
						
							
							
								Deng Ming 
							
						 
					 
					
						
						
						
						
							
						
						
							8f89e12e6c 
							
						 
					 
					
						
						
							
							fix GHSA-6g9p-wv47-4fxq  
						
						
						
						
					 
					
						2024-04-25 16:55:18 +08:00 
						 
				 
			
				
					
						
							
							
								guangwu 
							
						 
					 
					
						
						
						
						
							
						
						
							5a366cd62b 
							
						 
					 
					
						
						
							
							fix: close file in the GrepFile func  
						
						
						
						
					 
					
						2024-04-18 15:14:43 +08:00 
						 
				 
			
				
					
						
							
							
								wujiabang 
							
						 
					 
					
						
						
						
						
							
						
						
							d703f533d0 
							
						 
					 
					
						
						
							
							resolve   #5604 : using double instead of single hyphen when forking a child process.  
						
						
						
						
					 
					
						2024-04-12 20:16:44 +08:00 
						 
				 
			
				
					
						
							
							
								Deng Ming 
							
						 
					 
					
						
						
						
						
							
						
						
							35483381a0 
							
						 
					 
					
						
						
							
							update docsite  
						
						
						
						
					 
					
						2024-04-08 23:28:29 +08:00 
						 
				 
			
				
					
						
							
							
								Deng Ming 
							
						 
					 
					
						
						
						
						
							
						
						
							c1bd461068 
							
						 
					 
					
						
						
							
							actions: reuse the feedback action  
						
						
						
						
					 
					
						2024-04-08 17:50:25 +08:00 
						 
				 
			
				
					
						
							
							
								Deng Ming 
							
						 
					 
					
						
						
						
						
							
						
						
							0f9372234c 
							
						 
					 
					
						
						
							
							github: provide an action to make sure all users raise the issues following the template  
						
						
						
						
					 
					
						2024-04-08 17:14:35 +08:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
						
						
							
						
						
							90dc9e833e 
							
						 
					 
					
						
						
							
							build(deps): bump google.golang.org/grpc from 1.41.0 to 1.63.0  
						
						... 
						
						
						
						Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.41.0 to 1.63.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.41.0...v1.63.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com> 
						
						
					 
					
						2024-04-06 17:11:23 +08:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
						
						
							
						
						
							c562b472de 
							
						 
					 
					
						
						
							
							build(deps): bump golang.org/x/crypto from 0.20.0 to 0.22.0  
						
						... 
						
						
						
						Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.20.0 to 0.22.0.
- [Commits](https://github.com/golang/crypto/compare/v0.20.0...v0.22.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com> 
						
						
					 
					
						2024-04-06 16:55:56 +08:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
						
						
							
						
						
							f83ad57686 
							
						 
					 
					
						
						
							
							build(deps): bump golang.org/x/sync from 0.6.0 to 0.7.0  
						
						... 
						
						
						
						Bumps [golang.org/x/sync](https://github.com/golang/sync ) from 0.6.0 to 0.7.0.
- [Commits](https://github.com/golang/sync/compare/v0.6.0...v0.7.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com> 
						
						
					 
					
						2024-04-06 16:51:02 +08:00 
						 
				 
			
				
					
						
							
							
								Deng Ming 
							
						 
					 
					
						
						
						
						
							
						
						
							cb8de70d42 
							
						 
					 
					
						
						
							
							update website information  
						
						
						
						
					 
					
						2024-04-06 16:46:35 +08:00 
						 
				 
			
				
					
						
							
							
								seiya 
							
						 
					 
					
						
						
						
						
							
						
						
							196eb6b7cc 
							
						 
					 
					
						
						
							
							remove unneccesary elements in keys in Signature()  
						
						
						
						
					 
					
						2024-04-06 16:46:23 +08:00 
						 
				 
			
				
					
						
							
							
								Deng Ming 
							
						 
					 
					
						
						
						
						
							
						
						
							cca1f2f6e6 
							
						 
					 
					
						
						
							
							Refine the Readme v2  
						
						
						
						
					 
					
						2024-04-04 17:17:52 +08:00 
						 
				 
			
				
					
						
							
							
								Ming Deng 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b5edc16712 
							
						 
					 
					
						
						
							
							refine the README ( #5625 )  
						
						
						
						
					 
					
						2024-04-04 17:16:12 +08:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							f55655e65f 
							
						 
					 
					
						
						
							
							build(deps): bump github.com/go-sql-driver/mysql from 1.7.0 to 1.8.1 ( #5619 )  
						
						... 
						
						
						
						Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql ) from 1.7.0 to 1.8.1.
- [Release notes](https://github.com/go-sql-driver/mysql/releases )
- [Changelog](https://github.com/go-sql-driver/mysql/blob/v1.8.1/CHANGELOG.md )
- [Commits](https://github.com/go-sql-driver/mysql/compare/v1.7.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/go-sql-driver/mysql
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2024-03-31 21:45:10 +08:00 
						 
				 
			
				
					
						
							
							
								Seiya 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							0609076950 
							
						 
					 
					
						
						
							
							use filepath.Join() to build file paths ( #5617 )  
						
						... 
						
						
						
						* use filepath.Join() to build file paths
* use filepath.Join() to build file paths 
						
						
					 
					
						2024-03-31 21:26:35 +08:00 
						 
				 
			
				
					
						
							
							
								Ming Deng 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							97066459ed 
							
						 
					 
					
						
						
							
							fix 5620: ensure cookie always use the config ( #5621 )  
						
						
						
						
					 
					
						2024-03-31 21:25:28 +08:00 
						 
				 
			
				
					
						
							
							
								James Kang 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a287c2ba81 
							
						 
					 
					
						
						
							
							server: fix typo ( #5618 )  
						
						... 
						
						
						
						Signed-off-by: majorteach <csgcgl@126.com> 
						
						
					 
					
						2024-03-31 21:25:11 +08:00 
						 
				 
			
				
					
						
							
							
								racerole 
							
						 
					 
					
						
						
						
						
							
						
						
							29de4e3a3d 
							
						 
					 
					
						
						
							
							chore: remove repetitive words  
						
						... 
						
						
						
						Signed-off-by: racerole <jiangyifeng@outlook.com> 
						
						
					 
					
						2024-03-12 23:40:09 +08:00 
						 
				 
			
				
					
						
							
							
								dependabot[bot] 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							93f693a356 
							
						 
					 
					
						
						
							
							build(deps): bump github.com/prometheus/client_golang ( #5605 )  
						
						... 
						
						
						
						Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.16.0 to 1.19.0.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/v1.19.0/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.16.0...v1.19.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> 
						
						
					 
					
						2024-03-07 15:08:53 +08:00